Software in a computer system may be distributed in a number of ways. From the perspective of preventing unauthorized use, these distribution methods may be classified into three groups, namely, unrestricted entitlement, restricted entitlement, and non-entitlement methods.
Unrestricted entitlement means that the software distributed with a computer system will run on any computer system for which it was designed, without any restrictions. Apart from the licensing and contractual agreement, there is nothing in the software to guard against unauthorized use. This method is not desirable for expensive software.
Restricted entitlement means that the software contains some means to limit itself to run only on the computer system for which it is authorized. A common restriction method is to encode hardware specific information in the computer system so that the software can verify the information at system startup. Another method is to make the software unique for every computer system. This entails unique compilation of the software for each distribution, which is a very costly operation.
Non-entitlement means that the software is disabled when distributed, and requires a separate authorization method to enable the software. This method is commonly adopted in computer systems where a single generic distribution medium is used to distribute all of the software, and software components or packages within may be enabled or disabled according to license contract.
It is widely believed to be very difficult, if not impossible, to design a software protection method that cannot be defeated over the long run. It would be advantageous to devise a protection method that would reduce the incentive for a potential counterfeiter to counterfeit the system, thereby achieving the objective of protecting the software from software piracy.
The problem of software piracy is acute with a particular class of computer systems, namely Internet Appliances. An Internet Appliance is generally a computer system that performs some predetermined functions while connected to the Internet. The Internet Appliances typically consist of computer hardware with embedded software. The hardware includes a storage medium and a network interface card.
Software embedded in an Internet Appliance tends to be compact. It is not uncommon to store the entire system software in a storage medium that has only a few megabytes of capacity. This type of storage medium is usually small and very portable (such as CompactFlash and SIM cards). Because of wide adaptation and portability of such media, digital content inside such mediums media can be illegally duplicated very easily.
It is therefore an aspect of an object of the present invention to provide a method and an apparatus for protecting the embedded software in computer systems, such as Internet Appliances, against unauthorized use, while being relatively cost-effective to deploy.
An aspect of another object of this invention is to provide a method and an apparatus for protecting the software in a computer system, while allowing a user to make legitimate backup copies of the software.
An aspect of another object of this invention is to provide a method and an apparatus for a user to quickly re-entitle the software in a computer system in the event that the software enters a non-entitlement state.